WRITEUP #3346

CVE-2021-43136 – FormaLMS – The evil default value that leads to Authentication Bypass

Auth BypassAuthentication bypassSecurity code review

byCristian Giustini

Program

Forma LMS

Published

Oct 5, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.hacktivesecurity.com/index.php/2021/10/05/cve-2021-43136-formalms-the-evil-default-value-that-leads-to-authentication-bypass/

▸ RELATED WRITEUPS

Breaking the Barrier: Admin Panel Takeover Worth $3500

Auth BypassAuthentication bypass

SAML Authentication Bypass Leading to Admin Panel Access

Auth BypassSAML

Breaking Down Barriers: Exploiting Authenticated IPC Clients

Auth BypassIPC client

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat